CEH Exam 10-12
What would be the result of sending the string AAAAAAAAAAAAAAAAA into a variable that has been allocated space for 8 bytes?
Buffer overflow
What method might you use to successfully get malware onto a mobile device?
Using a third-party app store
What tool could you use to clone a website?
wget
What would a signal range for a Bluetooth 4.0 device commonly be?
300 ft.
Your organization is planning to add wireless nodes to an existing LAN that has a potential throughput of 54 Mbps. Which of the following will your organization use?
802.11a
Which Wi-Fi standard has a radio band of 2.4 and 5 GHz and a speed of 100 Mbps?
802.11n
John works as a network administrator at Infosoft Inc. He suspects that malware is attempting a buffer overflow attack in a kernel module. Which of the following techniques will John use to protect against the attack?
ASLR
You are evaluating the security of your organization's wireless network and found that SSID broadcasting is turned on. Who among the following will have access to a wireless network's SSID?
Anyone in the organization
Taylor, a black-hat hacker, makes use of a program called slowhttptest to send requests asking for overlapping ranges of bytes. Which of the following attacks is he performing?
Apache Killer
What could you use to inform a defensive strategy?
Attack life cycle
Which social engineering principle may allow a phone call from the help desk to be effective?
Authority
What type of attack would you be using by putting malware onto USB sticks that were given out at a security conference?
Baiting
Granting access to a system based on a factor such as an individual's retina during a scan is an example of what type of authentication method?
Biometrics
Pete, a security engineer, grants access to network resources based on authenticating an individual's fingerprint during a scan. Which security method does he use in determining identity?
Biometrics
What Bluetooth attack would allow you to make a call after gaining access to a device for surveillance?
Bluebugging
What is the web page you may be presented with when connecting to a wireless access point, especially in a public place?
Captive portal
Which protocol is commonly used for amplification attacks?
DNS
Taylor, a penetration tester, requires multiple layers of security controls to be placed throughout an IT infrastructure, which improves the security posture of an organization to defend against malicious attacks or potential vulnerabilities. Which of the following will she use in the given scenario?
Defense-in-depth
Which term defines the condition when an adversary purposely crashes a server?
Denial of service
What is the four-stage handshake used for?
Deriving keys
How would someone keep a baiting attack from being successful?
Disable autorun.
Juan, a security analyst, founds a rogue access point that pretends to be a legitimate network. Which of the following is responsible for this?
Evil twin
Taylor, a security analyst, wants to perform a scan that measures a person's external features through a digital video camera. Which of the following scans will she use?
Facial recognition
What statistic are you more likely to be concerned about when thinking about implementing biometrics?
False acceptance rate
What security element would be a crucial part of a defense in depth network design?
Firewall
What is the purpose of a deauthentication attack?
Forcing stations to reauthenticate
What is the SSID used for?
Identifying a network
What is the purpose of performing a Bluetooth scan?
Identifying endpoints
What social engineering vector would you use if you wanted to gain access to a building?
Impersonation
Which social engineering technique can allow you to gain physical access to a system?
Impersonation
As a black hat hacker, you identify a WAP at the mall that you're going to exploit. You discover that the WAP is using WEP. Which method will you utilize to exploit the WAP?
Initialization vector
What part of the encryption process was weak in WEP?
Initialization vector
Which form of biometrics scans a pattern in the area of the eye around the pupil?
Iris scanning
What wireless attack would you use to take a known piece of information in order to be able to decrypt wireless traffic?
Key reinstallation
What is a viable approach to protecting against tailgating?
Man trap
Which of the following is both a security issue for an organization and a privacy issue for a BYOD user?
Mixing personal and corporate data
What mode needs to be enabled to get all headers from wireless network communications?
Monitor
What would the result of a high false failure rate be?
People having to call security
What types of authentications are allowed in a WPA-encrypted network?
Personal and enterprise
The use of a script to perform a social engineering attack is called what?
Pretexting
You get a phone call from someone telling you they are from IRS and they are sending the police to your house now to arrest you unless you provide a method of payment immediately. What tactic is the caller using?
Pretexting
Your company gives you a free simulator for LINUX. Later, you feel like you should buy the simulator in response. What social engineering principle gets you to buy the simulator because you feel obligated to respond to the company's favor?
Reciprocity
Which of the following types of scanning is used on the eye to measure the layer of blood vessels?
Retinal
Which of the following is a social engineering tool that can be used to send a spear phishing email?
SET
What element could be used to facilitate log collection, aggregation, and correlation?
SIEM
What information must be known for a wireless client to connect to an access point to gain access or be challenged with authentication?
SSID
Laura, a security analyst, observes that the company's web logs are showing a lot of very small HTTP read requests. Which of the following attacks is responsible for this?
Slowloris
Marry, a project manager, receives a call from her bank. She was informed that someone has tried to access her checking account and she needs to confirm her account number and password to discuss further details. She gives her account number and password. Which of the following attacks has occurred in the given scenario?
Social engineering
Which of the following relies heavily on human interaction and often involves tricking people into breaking normal security procedures?
Social engineering
Brett received a fake email asking to donate money to a charity group that operates in Nigeria. The email instructs him to provide his bank account information that will be used to deduct two dollars from his account every month for the charity. What may be the issue here?
Spear phishing
John, a security analyst, is probing a DNS server and discovers that it is configured as an open server. Which of the following risks is associated with this configuration?
The server may be used in an amplification attack.
You have received the text message on your mobile phone that says, "Hello, this is Malta from the Yahoo Bank. Kindly contact me for a vital transaction on [email protected]". Which of the following statements is true regarding the text message?
This is a scam as everybody can get a @yahoo address, not the Yahoo customer service employees.
Mark, a security manager, categorizes an information system and determines that the loss of integrity of a specific information type would impact business significantly. Based on this, he recommends the implementation of several solutions. Which of the following, when combined, would mitigate this risk?
Validation
Which of the following is defined as an act of using VoIP for phishing, which involves using social engineering over the telephone system to obtain private information from an individual?
Vishing
Which protocol is used to create a secure environment in a wireless network?
WPA
Juan, a security analyst, observes an attack that occurs from code on the web server accepting data coming from the client without doing any data validation. Which of the following is responsible for the given scenario?
XML entity injection
What is an advantage of a phone call over a phishing email?
You are able to go into more detail with pretexting.
